Lifting the lid on cyber security and local business

On a visit to the Macquarie offices in Sydney late last year we heard a story on cyber security business. The Minister Assisting the Prime Minister on Cyber Security, Dan Tehan, relayed an anecdote. His story revealed much about the cyber security business and the challenges facing Australia.

Mr Tehan had recently visited one of the towns in his electorate in the Western Districts of Victoria. On that particular visit he spoke to a woman running an accountancy business there.

She related how she had been shocked to have found herself the victim of ransomware. Ransomware is a malicious piece of code planted on a user’s computer or network that locks their files and threatens to erase them unless a ransom is paid.

She paid a sum in the thousands of dollars and, thankfully, the files were released.

Mr Tehan noted that if someone had walked into the business with a weapon and stolen money, it would have been front page local news for weeks.

But as a cybercrime, nothing was reported.

He also speculated about how many other small businesses in the regional had suffered similar thefts, again without any comment. Imagine the news coverage if it had been people with guns rather than code as weapons?

Further, what might have been the ripple effects to the local economy if the accountant’s files had been destroyed? The records of farmers, local retailers, private individuals – all gone.

The story highlights the disconnect between the huge impact of cyber crime across the nation. It shows the low awareness in the community that it is not just big businesses, Internet companies and governments who are being hit and need to take preventative action.

Cyber security business affects us all.

Just as there are no graphic images of hoodlums or terrified victims on our TV screens every night, there is no simple accounting of the cost and incidence of cybercrime. The Federal Government itself, in its 2016 Cyber Security Strategy, estimated the cost to Australia as anywhere from $1 billion to $17 billion a year. Making the cyber security business everyone’s business.

This murkiness means many organisations continue to see cybercrime as someone else’s problem. Businesses neglect the most basic cyber security “hygiene” measures. They fail to elevate responsibility to the executive suite. As shown in research work Macquarie commissioned the “Weakest Link” cyber security report from the National Security College last year.

We sought to use the report to highlight that one organisation’s poor practice creates a risk shared by the whole community.

Our information systems are increasingly linked to the systems of others. So breaking into to one person’ insecure system too often provides a backdoor into another.

The “weakest link” problem is testing every national government. It could represent a great opportunity for Australia to take a position of regional or international leadership.

Australia is just not so big and so politically decentralised that the idea of a national cyber security business effort is fanciful or prohibitively complicated.

Australia’s cyber security skills are some of the best.

Rather, Australia is an advanced economy and has access to some of the best cyber security skills in the world. Much of those skills are home-grown. Australia has good systems for co-ordinated government action. And has a business community that is not too big to be reached.

Getting the cyber security message across to the thousands of businesses is critical. Like Minister Tehan’s accountant, communication constituents the first and biggest challenge we face. Especially if we are to lift the national cyber security stance.

But if we do that, we might just look back on 2017 as the year Australia turned the corner on national cyber safety.

Contact
Aidan Tudehope 0411466461

About Macquarie Government: Macquarie Government is a division of the Macquarie Telecom Group (ASX MAQ). It provides services to Federal and State Government agencies, including Secure Internet and Secure Cloud services.

About the author.

Aidan is co-founder of Macquarie Telecom Group and has been a director since 1992. He is the Managing Director of Macquarie Government & Hosting Group and is invested in leading the contribution from the Australian industry on all matters Cloud & Cyber policy related.